[ubuntu/jaunty] libpam-heimdal 3.10-2.1ubuntu1 (Accepted)
Devid Antonio Filoni
d.filoni at ubuntu.com
Thu Feb 12 15:10:13 GMT 2009
libpam-heimdal (3.10-2.1ubuntu1) jaunty; urgency=low
* Merge from Debian unstable, reamining Ubuntu change:
- debian/rules: don't call autogen.sh, run autoconf instead
* Don't apply debian/patches/add-autogen.sh patch.
libpam-heimdal (3.10-2.1) testing-security; urgency=high
* Non-maintainer security upload.
* SECURITY (CVE-2009-0361): Protect against applications calling
pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context.
This API call is designed to reinitialize an existing Kerberos ticket
cache and therefore trusts the KRB5CCNAME environment variable, but in
a setuid context, this may allow overwriting arbitrary files.
Date: Thu, 12 Feb 2009 15:59:12 +0100
Changed-By: Devid Antonio Filoni <d.filoni at ubuntu.com>
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Signed-By: Devid Antonio Filoni <d.filoni at techemail.com>
https://launchpad.net/ubuntu/jaunty/+source/libpam-heimdal/3.10-2.1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 12 Feb 2009 15:59:12 +0100
Source: libpam-heimdal
Binary: libpam-heimdal
Architecture: source
Version: 3.10-2.1ubuntu1
Distribution: jaunty
Urgency: high
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Devid Antonio Filoni <d.filoni at ubuntu.com>
Description:
libpam-heimdal - PAM module for Heimdal Kerberos 5
Changes:
libpam-heimdal (3.10-2.1ubuntu1) jaunty; urgency=low
.
* Merge from Debian unstable, reamining Ubuntu change:
- debian/rules: don't call autogen.sh, run autoconf instead
* Don't apply debian/patches/add-autogen.sh patch.
.
libpam-heimdal (3.10-2.1) testing-security; urgency=high
.
* Non-maintainer security upload.
* SECURITY (CVE-2009-0361): Protect against applications calling
pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context.
This API call is designed to reinitialize an existing Kerberos ticket
cache and therefore trusts the KRB5CCNAME environment variable, but in
a setuid context, this may allow overwriting arbitrary files.
Checksums-Sha1:
c71af289fbe709142544bc90f15824db5fa58050 1199 libpam-heimdal_3.10-2.1ubuntu1.dsc
42a9791405d3a56b95f453a801452efc57ee3f26 8531 libpam-heimdal_3.10-2.1ubuntu1.diff.gz
Checksums-Sha256:
b2e0d0b251bcc257c55c3fdd2c8802956a7bb9da13eeefbba766ef269ea06283 1199 libpam-heimdal_3.10-2.1ubuntu1.dsc
fe6fdc8a988ceffdc19e4aa81456aefe8cc3652c66747650d51395683042043c 8531 libpam-heimdal_3.10-2.1ubuntu1.diff.gz
Files:
1c26a7dc9a06f09baf5353a0a63100b5 1199 net optional libpam-heimdal_3.10-2.1ubuntu1.dsc
fb4d847d95cf59e2cdbabbaa5f1b180e 8531 net optional libpam-heimdal_3.10-2.1ubuntu1.diff.gz
Original-Maintainer: Matthijs Mohlmann <matthijs at cacholong.nl>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkmUOnAACgkQONbgY3E1bGD0KwCffXSJYYooy+bhSs2Me1FNnFZB
z+QAoNWAxfboebhcYRsfsk16ke7qBvcS
=+fKl
-----END PGP SIGNATURE-----
More information about the Jaunty-changes
mailing list